Define initial MIME type and application mapping #168
Comments
eloquence
added this to Current Sprint Backlog - 10/17 - 10/31
in SecureDrop Team Board
|
Here is my initial set of recommendations: There are some caveats for certain handlers, please inspect the notes (black triangles on some cells). For example, if we rely on |
eloquence
moved this from Current Sprint Backlog - 10/17 - 10/31
to Ready for review
in SecureDrop Team Board
|
Great coverage, @eloquence ! Convenient that we can use Also flagging that MP3 support and other formats may require non-free repos to be configured; I'd prefer to skip those for now and rely on the stable repos where possible, unless we have interview feedback that suggests prioritizing. We should also have a fallback option that bails out of the handler selection and displays a message to the user if an application format is unsupported—fine to punt to another issue to keep this one focused. |
|
NB, this is all based on testing in the debian9.5 template that shipped with Qubes 4.0. I did not have to configure any non-free repos to get MP3 working in audacious -- it just worked immediately. Debian 9.5 post-dates the MP3 patent expiry date, which may be why, but I didn't confirm that. |
That's great news, happy we're downstream from those changes, then. Looks like we have strong coverage of common formats here, but perhaps we'll uncover more based on interview feedback. Given that we'll want to ship updates to these over time, creating a Debian package for |
|
SGTM, for now, added a checkbox to this effect to #167, tentatively suggesting |
|
Looks great @eloquence ! The list looks quite complete to me, and the defaults sensible. Do you know offhand .csv files handled by default? ( |
|
Thanks for flagging; I believe LibreOffice should indeed be a good candidate for CSV and handle it by default, but I'll do some more sanity checking in Qubes and update the spreadsheet for both plain text and CSV. |
|
Confirmed; we should be fine for CSVs. Note that LibreOffice will become the default handler for plain text files after it is installed; I would suggest overriding that and forcing use of |
|
Closing this task based on Mickael's and Conor's review, should be a reasonable starting point for building the SVS template. |
As described in #75, ideally we'll ultimately be able to have a clear mapping of various supported file types against carefully chosen applications, and a comparison with the feature set of the Tails SVS.
Initially, however, we can make do with a preliminary subset of supported MIME types and applications. For the purposes of the audit, our goal is to demonstrate that files can be opened in different external applications using disposable VMs -- the specific choices do not have to be final.
What we need to close this task is a table that includes a reasonable subset of common document/media MIME types, common file extensions for that MIME type (for easy testing/identification), and the recommended handler application which should ideally exist as a Debian 9 stretch package we can specify as a dependency.
In the alpha release, all other MIME types will be unsupported and trigger an error message.
The text was updated successfully, but these errors were encountered: